I understand from various documentations and learning portals that specifying the account or root ARN means that an Account is fully trusted and therefore the IAM users in t
